fix(ci-poller): handle commit-status failures when all check runs pass

[JoshuaMoelans]

The poller silently ignored commit-status failures (e.g. console compat checks) because the failure branch only checked for unsuccessful check runs. This left publish issues stuck as ci-pending with no comment.

From sentry-native we added these checks in our console repos that report back with a commit status (e.g. sentry-switch) , but since all actual check-runs in sentry-native CI passed, the CI status poller doesn't finish since it's waiting for status_ok to become true (or some CI check to be unsuccessful, which they are not).

Analysis

The following flowgraph shows the existing paths, and the new path (added in purple). Before, we would just end up in the orange state, stuck in ci-pending (see #7819), since we'd never reach any of the other terminal states.

flowchart TD
    A[Start: process issue] --> B{total_checks == 0<br/>AND total_statuses == 0?}
    B -->|Yes| C[No CI found yet — skip]
    B -->|No| D{commit_status == success?}

    D -->|Yes| E[status_ok = true]
    D -->|No| F{total_statuses == 0?}
    F -->|Yes| G[status_ok = true<br/>repo uses only check runs]
    F -->|No| H[status_ok = false]

    E --> I{status_ok == true<br/>AND pending == 0<br/>AND unsuccessful == 0?}
    G --> I

    I -->|Yes| J[✅ CI passed<br/>Add ci-ready label<br/>Comment on issue]

    I -->|No| K{pending == 0<br/>AND unsuccessful != 0?}
    H --> K

    K -->|Yes| L[❌ Check-run failure<br/>Comment with failed check names]
    K -->|No| N{commit_status == failure<br/>AND pending == 0<br/>AND unsuccessful == 0?}
    N -->|Yes| P[❌ Commit-status failure<br/>Comment with failed status contexts]
    N -->|No| M[⏳ Still pending<br/>— silent, retry next tick]

    style J fill:#2ecc71,stroke:#27ae60,color:#fff
    style L fill:#e74c3c,stroke:#c0392b,color:#fff
    style M fill:#f39c12,stroke:#e67e22,color:#fff
    style C fill:#95a5a6,stroke:#7f8c8d,color:#fff

    style P fill:#9b59b6,stroke:#6c3483,color:#fff,stroke-width:4px
    style N fill:#d2b4de,stroke:#6c3483,color:#000,stroke-width:3px

    linkStyle 13 stroke:#9b59b6,stroke-width:3px
    linkStyle 14 stroke:#9b59b6,stroke-width:3px

Loading

[sentry]

Bug: The gh api call to get commit status lacks error handling. If the API fails, failed_contexts will be empty, leading to an incomplete comment.
_{Severity: LOW}

Suggested Fix

Add error handling to the gh api call, consistent with the pattern used elsewhere in the file. For example, append 2>/dev/null || echo "error" to the command to ensure that failures are gracefully handled and do not result in empty variables.

Prompt for AI Agent

Review the code at the location below. A potential bug has been identified by an AI
agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's
not valid.

Location: .github/workflows/ci-poller.yml#L198-L200

Potential issue: The `gh api` call to fetch a commit's status does not handle potential
failures. Unlike similar calls in the same file, it is missing a `2>/dev/null ||
fallback` mechanism. If the GitHub API call fails due to transient issues like network
timeouts or rate limiting, the `failed_contexts` variable will capture an empty string.
The workflow will then proceed to post a comment with an incomplete message, such as
"Failed status checks: ", which can be confusing for users trying to debug CI failures.

[JoshuaMoelans]

true, but this is also not addressed in the other paths of the flow; maybe worth doing as a follow-up, but not critical (and not necessary as part of this PR IMO)